ArchLinux: 201903-2: openssl-1.0: information disclosure

    Date: 04 Mar 2019
    Category: ArchLinux
    Posted By: LinuxSecurity Advisories
    The package openssl-1.0 before version 1.0.2.r-1 is vulnerable to information disclosure.
    Arch Linux Security Advisory ASA-201903-2
    =========================================
    
    Severity: Medium
    Date    : 2019-03-02
    CVE-ID  : CVE-2019-1559
    Package : openssl-1.0
    Type    : information disclosure
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-917
    
    Summary
    =======
    
    The package openssl-1.0 before version 1.0.2.r-1 is vulnerable to
    information disclosure.
    
    Resolution
    ==========
    
    Upgrade to 1.0.2.r-1.
    
    # pacman -Syu "openssl-1.0>=1.0.2.r-1"
    
    The problem has been fixed upstream in version 1.0.2.r.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    A padding oracle has been found in OpenSSL versions prior to 1.0.2r.
    This issue does not impact OpenSSL 1.1.1 or 1.1.0. If an application
    encounters a fatal protocol error and then calls SSL_shutdown() twice
    (once to send a close_notify, and once to receive one) then OpenSSL can
    respond differently to the calling application if a 0 byte record is
    received with invalid padding compared to if a 0 byte record is
    received with an invalid MAC. If the application then behaves
    differently based on that in a way that is detectable to the remote
    peer, then this amounts to a padding oracle that could be used to
    decrypt data.
    In order for this to be exploitable "non-stitched" ciphersuites must be
    in use. Stitched ciphersuites are optimised implementations of certain
    commonly used ciphersuites. Also the application must call
    SSL_shutdown() twice even if a protocol error has occurred
    (applications should not do this but some do anyway). AEAD ciphersuites
    are not impacted.
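
The following triage script is an added example, not part of the Arch or OpenSSL advisory. It sorts the output of `openssl ciphers -v` into AEAD suites (not impacted per the description above), suites without block padding, and CBC suites that still need review. The sample input is constructed, the function names are hypothetical, and the script does not try to tell stitched from non-stitched implementations, which the advisory does not enumerate.

```python
import re

# Constructed sample in the format printed by `openssl ciphers -v`.
SAMPLE = """\
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
CAMELLIA256-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
NULL-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=None Mac=SHA256
"""

FIELD = re.compile(r"\b(Enc|Mac)=(\S+)")


def classify(line):
    """Return (suite_name, category) for one `openssl ciphers -v` line."""
    parts = line.split()
    fields = dict(FIELD.findall(line))
    if len(parts) < 2 or "Enc" not in fields or "Mac" not in fields:
        raise ValueError(f"not a cipher description line: {line!r}")
    enc = fields["Enc"].split("(")[0].upper()  # drop the "(bits)" suffix
    if fields["Mac"].upper() == "AEAD":
        # The advisory states AEAD ciphersuites are not impacted.
        return parts[0], "aead"
    if enc in ("RC4", "NONE"):
        # Stream cipher or no encryption: no block padding to probe.
        return parts[0], "no-padding"
    # Assumption: every remaining suite is a CBC block cipher with a
    # separate MAC, the class in which the padding oracle can arise.
    return parts[0], "cbc-review"


def audit(text):
    """Group every suite in `openssl ciphers -v` output by category."""
    result = {"aead": [], "no-padding": [], "cbc-review": []}
    for line in text.splitlines():
        if line.strip():
            name, category = classify(line)
            result[category].append(name)
    return result


if __name__ == "__main__":
    for category, names in audit(SAMPLE).items():
        print(f"{category:11} {', '.join(names)}")
```

A suite listed under `cbc-review` is not proof of exposure: the advisory also requires a non-stitched implementation and an application that calls SSL_shutdown() twice after a fatal protocol error.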
    
    Impact
    ======
    
    A remote attacker might be able to use a padding oracle to decrypt
    confidential data.
    
    References
    ==========
    
    https://www.openssl.org/news/secadv/20190226.txt
    https://security.archlinux.org/CVE-2019-1559
    